GnuPG versions before 1.4.17 and 2.0.24 are vulnerable to a denial
of service which can be caused by garbled compressed data packets
which may put gpg into an infinite loop (CVE-2014-4617).
_______________________________________________________________________